Abstract
The log audit system is the most important and effective means of post-event analysis and handling in an information assurance system. As one of the most important components of an information security protection system, the audit system bears the burden of task summarization and post-event investigation. With cloud computing now applied at large scale, the log audit system draws on big data analysis capabilities and a plug-in analysis engine to find violations in massive, disordered behavior logs, integrates security factors from all aspects in a targeted manner, dynamically reflects the overall network security status, forecasts and gives early warning of the development trend of that status, and provides a reliable reference basis for enhancing network security. This paper proposes a technical implementation framework for an audit system in a big data environment, covering log collection, storage, statistical analysis, and event analysis.
Authors
PEI Hua (裴华); LIU Wei (刘炜); TANG Dong-lin (唐冬林)
No.30 Institute of CETC, Chengdu, Sichuan 610041, China
Source
《通信技术》
2020, Issue 9, pp. 2252-2256 (5 pages)
Communications Technology
Keywords
audit framework
network security
big data